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Abstract - This paper discusses about a new algorithm in the area of cryptography. The algorithm is 
expected to find an extensive use in wireless telecom networks for end-to-end network security. A new 
stream cipher based on dynamic S-box is designed, implemented and tested in MATLAB. The new cipher 
thus generated is tested through 16 different randomness tests mentioned in one o£^he NIST special 
publication 8oo-22[2].For this implementation many references have been taken froi 
Advanced Encryption Standard structure. This work was done as part of the rq 
Technology at Manipal Institute of Technology, Manipal. 





I. Introduction 

We need security to feel safe in life. Whether it is about feeling or ako WtJ he information security in 
computer network, security has always been one of the main #oncer^~One of the several available 
methods to secure the information in any network is cryptogrjmhvStre^m ciphers and block ciphers are 
one of the classifications of cipher structures. In this paper we (^acempate mainly on stream ciphers since 
our work and the findings are on stream ciphers. 

Stream ciphers are essentially meant to be a pseudorai 

generate a stream that is random in nature. To verify tfle^andomness of the resulting stream we apply 
around 16 randomness tests on the stream. Fqj^l^*^^first implement those 16 tests in Matlab. And to 
check the correctness of the Matlab implemerftatrlt oflthese 16 tests, we apply these tests first on one of the 
already existing stream cipher. And the re^rei^ejPPream cipher we take for this purpose is RC4 stream 
cipher. 




Reference Algorithm 

There is a high need to improve the &^j/\g stream ciphers by introducing more non-linearity into it. Before 
doing this we intend to study alty o£ the existing stream cipher algorithm so as to make a comparative 
study. And the algorithm that wNjhoose for this purpose is the RC4 algorithm. 

RC4 is a stream cipher ^feagned in 1987 by Ron Rivest.lt is a variable key-size stream cipher with byte- 
oriented operations^fS|^lgorithrn is based on the use of a random permutation. It is the most widely used 
cipher. The algorithm is based on the use of a random permutation. Analysis shows that the period of the 
cipher is overvd(e]Viirfgly likely to be greater than 10 100 . Eight to sixteen machine operations are required per 
output byte, and are cipher can be expected to run very quickly in software' 1 ' . 

Taking all these factors into consideration we come to a conclusion that RC4 is the best choice to start this 
work. Accordingly we start with the implementation of RC4 algorithm in Matlab. 

III. Statistical Test Suite for Validating Randomness 

Next work is to validate the RC4 key stream as random. The intention behind this validation is not to test 
the RC4 algorithm instead to make sure the correctness in the implementation of those 16 tests that are to 
be run on RC4. 

NIST issued a special publication (800-22) that discusses about aspects of selecting and testing random and 
pseudorandom number generators ' 2 l The generators suitable for use in cryptographic applications may 
need to meet stronger requirements than for other applications. NIST publication discusses about some 
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criteria for characterizing and selecting appropriate generators. With help of these criteria we can decide 
whether our new stream cipher generated is a perfect random generator or not. 

Randomness is a probabilistic property. Various statistical tests can be applied to a sequence to attempt to 
compare and evaluate the sequence to a truly random sequence. The properties of a random sequence can 
be characterized and described in terms of probability. For each applied test, decision or conclusion is 
derived that accepts or rejects the sequence that was produced. The statistic value is a function of the data. 
Test statistic is used to calculate a P-value that summarizes the strength of the stream generated. For these 
tests; each P-value is the probability that a perfect random number generator would have produced a 
sequence less random than the sequence that was tested , given the kind of non-randomness assessed by 
the test. A P-value > o.oi would mean that the sequence would be considered to be random with a 
confidence of 99%.A P-value < o.oi would mean that the sequence is non-random with a confidence of 



IV. Random Number Generation Tests • ▼ 



The NIST Test suite is a statistical package consisting of 16 tests that were develoned t^^fst the randomness 
of binary sequences produced by either hardware or software based ^pwtCgraphic random or 
pseudorandom number generators. The 16 tests are: 



The frequency Test: Purpose is to determine whether the frumber^f- ones and zeros in a sequence 
are approximately the same as would be expected for a Jj|mly)fend«m sequence. 



Frequency Test within a block: Purpose of this test is^t^darermine whether the frequency of ones 
in an M-bit block is approximately M/2, as would b expected under an assumption of randomness. 

Runs Test: Purpose is to determine whether the ^yfnber of ones and zeros of various lengths is as 
expected for a random sequence. 

Test for the Longest Run of oiik lr^TBkjjnc Purpose is to determine whether the length of the 
longest run of ones that would be^roecy?a in a random sequence. 




Binary Matrix Rank Test: Pu/p^e^s to check for linear dependence among fixed length substrings 
of the original sequence. 

b (Spectral) Test: Purpose is to detect the periodic features in the tested 
licate a deviation from the assumption of randomness. 

Non- overla^pd^Template Matching Test: Purpose is to detect generators that produce too many 
occurren«|sjDf a given non-periodic pattern. For this test an m-bit window is used to search for a 
specifi^jjApirpattern. If the pattern is not found, the window slides one bit position. If the pattern 
is found, tne window is reset to the bit after the found pattern, and the search resumes. 

Overlapping Template matching Test: The difference between this test and test number 7 is that 
when the pattern is found, the window slides only one bit before resuming the search. 

Maurer's Universal Statistical Test: Purpose of this test is to detect whether or not the sequence can 
be significantly compressed without loss of information. 

Lempel-Ziv Compression Test: Purpose is to determine how far the tested sequence can be 



Linearity Complexity Test: Purpose of this test is to determine whether or not the sequence is 
complex enough to be considered random. 
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12. Serial Test: Purpose is to determine whether the number of occurrences of the 2m m-bit 
overlapping patterns is approximately the same as would be expected for a random sequence. 

13. Approximate Entropy Test: Purpose is to compare the frequency of overlapping blocks of two 
consecutive lengths against the expected result for a random sequence. 

14. Cumulative Sums Test: Purpose is to determine whether the cumulative sum of the partial 
sequences occurring in the tested sequence is too large or too small relative to the expected 
behavior of that cumulative sum for random sequences. 

15. Random Excursions Test: Purpose is to determine if the number of visits to a particular state 
within a cycle deviates from what one would expect for a random sequence. 

16. Random Excursions variant Test: Purpose is to detect deviations from the expecrea^aumber of visits 
to various states in the random walk. /^^^ 

All the above tests are implemented in Matlab and we run them on RC4 key ^rawrS We find that all the 
tests are successfully run on RC4 and give a P- value > 0.01. We can now prrtc%ecy(rah the implementation 
of new stream cipher based on dynamic S-box. a^^^^ 

V. Random Number Generat^m Teffs 

For new stream cipher generation we make use of the AES Ke^fcro^fsion method w . But here we use a 
dynamic S-box which is dependent on input key value. Thenb^Lus^g this dynamic S-box we generate key 
stream by AES Key expansion method. 

Osr 

To begin with stream cipher generation, we generate an S^b/jx depending on the input key value. We input 
a 16 byte key value. The binary equivalent of tMk yPWt«key is stored in an array. We find a non-singular 
matrix by selecting first 8*8 = 64 bits of the afra\^ftfre determinant of the 8 by 8 matrix formed by these 
64 bits is zero then we take next 64 JaitsV^o^|^Dy one bit left shift of the binary values in the key 
array). Once we find a non-singular matrutfroWaie input key, we store it in another temporary array so 
that it can be used later for S-box generaiionwVe keep a dummy key which will be useful, incase if the first 
key fails to give a non-singular matri?^^^^ 

Now we proceed with the generacton #f dynamic S-box by following the steps mentioned for AES algorithm. 
But here modulo polynomijjJneNk not be constant always. Selection of irreducible modulo polynomial is 
also left to the user. Also *^hileNk>ing affine transformation ax + b = c, the value of 'c' is also a user's choice. 
The matrix 'a' in the affirfc»j^nsformation is the one obtained by the input key w . 

Thus the resultins^Xbox cannot be predicted just by looking at the input key and for different input keys 
we are able to ^jj^are different S-box providing non-linearity to the cipher structure. We use this dynamic 
S-box providing non-linearity to the cipher structure. We use this dynamic S-box in AES Key expansion 
method to produce the key stream W. 

Finally to validate the randomness of the resulting key stream we apply the NIST tests on key stream. 
Figures 1 and 2 give a flowchart of the implementation work carried out. Key Stream shown in figure 2 is the 
generated random stream upon which FIPS mentioned 16 tests were successfully tested. 
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Input Key 



Convert to 7- 
bit ASCII 
format 



Copy the key into first 
4 words, w[0] to 
w[4],of the expanded 



Form 8x8 
matrix with 
first 64 bits 





Left shift the 




bits by one 




position 





temp = Substitute word 



Figure 2. Key generatio 



VI. Preliminary Result Analysis 



As explained earlier, before we generate and test our new stream cipher we should be sure about the 
working of the 16 randomness tests we have implemented. For this purpose we take RC4 as the reference 
algorithm because RC4 already known as a perfect random stream generator W. If all the 16 randomness 
tests successfully run on RC4 and gives the desired result i.e., a P-value > 0.01, then we can be sure about 
working / implementation of 16 randomness tests. 

When we tested RC4 key stream with the 16 randomness tests we obtained a P-value > 0.01 for all 16 tests. 
With this preliminary result it was easy to go ahead with our new stream cipher generation without any 
confusion about the correctness in the implementation of 16 randomness tests. 
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VI. Results 

We implemented all 16 tests in MATLAB and then these tests were run on the RC4 generated key stream. 
We first generate 256 bytes of key stream. The generated key stream is tested for its randomness. Table 4.1 
gives the result obtained when the tests were run on different lengths of key stream. As discussed in earlier 
chapters the method of validating the randomness of key stream is by checking the P-value. If the obtained 
P-value is less than 0.01 then the key stream is declared as non-random. If the P-value is greater than or 
equal to 0.01 then the key stream is declared as a valid random key stream. 

One fact to be observed here is that RC4 is already known for the randomness in its resulting key stream. 
Therefore while testing RC4 we have not considered more than 3 to 4 scenarios. If by running at least 3 
scenarios we can obtain a P-value of greater than or equal to 0.01 that itself is a valid result to proceed for 
the next step. The NIST Test suite however mentions that more the number of scenarios passed, better is 
the resulting algorithm. While testing our new stream cipher therefore we consid*l^rnany different 
scenarios by taking different input keys. But only selected 5 scenarios are highlighted ipr^ble 



«0 




All the columns shown in table 1 are tested for a key stream length of 8800 bytes/^Ve Jest the key stream for 
different values of input key. There are two different input keys used in oj^cNmnlementation. One is to 
generate the dynamic S-box and the other to use for the key expansion tamtine. The key used for key 
expansion routine is changed and for all the changed values of key 
streams are tested for more than 15 scenarios and were observed ti 
have highlighted only few test scenarios. Lempel-Ziv test resuH 
few of the parameters (mean and variance) required to calculati 
publication 800-22. So we neglect this test. 



•ent key streams. All the key 
tests successfully. In table 1 we 
'een tabulated for the reason that 
e in this test are not provided in the 



VI. How Better is Our New Cipher Algorithm? 

*^fck^for 

revel ( 



both RC4 and our new stream cipher based on 
of security provided by both the algorithms. 



Now that we have seen and analyzed the te* r _ 
dynamic S-box we should be able to differe4%^^^^f 

We see that both RC4 as well as new strrfarnWipner pass NIST tests. Now the improvement or the increase 
in amount of security provided by th^eltwream cipher lies solely in the fact that the S-box used for the 
implementation is highly unpredictaBl ^ft tone of the existing stream ciphers are maldng use of S-box for the 
key stream generation which itself is %big plus point in our new stream cipher generation. 



No doubt RC4 has beeo almost widely used stream cipher so far because of its simplicity of 
implementation; we see»th\j- there are still few loopholes in RC4 as mentioned in literature survey. So our 
iher wCTiL^robablv be the better choice for more advanced applications. 



Table 1 P-values for new key stream 
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Test #2 
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VI. Conclusion 



Now that we have seen and analyzed the te£ 
dynamic S-box we should be able to differei 




Its! for both RC4 and our new stream cipher based on 
evel of security provided by both the algorithms. 



The work concentrates only on the development of a new stream cipher based on AES dynamic S-box. 
While doing this we have given muclVa^ewlron to the randomness of the generated stream rather than how 
fast our algorithm runs. Hence perforl^jj^e analysis of the stream cipher algorithm that we have developed 
is still pending and to be taken th# part of future work. For checking the performance of the algorithm 
through software implementatrali^we can go for a high level language like C/C++ and a better operating 
system like Linux of highea<vera|pns. We can also go for checking our stream cipher performance pertaining 
to a specific application^or this we can select any of the existing communication system where there i; 
high requirement fof^liMrypti 
suitable choice fo\ 



ce fo^flis. 



yption and decryption of data. Any security driven DSP application would be 
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